8 matches found
CVE-2026-23939
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in hexpm hexpm/hexpm 'Elixir.Hexpm.Store.Local' module allows Relative Path Traversal. This vulnerability is associated with program files lib/hexpm/store/local.ex and program routines...
EEF-CVE-2026-23939 Path Traversal in Local File Store Backend
Summary Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in hexpm hexpm/hexpm 'Elixir.Hexpm.Store.Local' module allows Relative Path Traversal. This vulnerability is associated with program files lib/hexpm/store/local.ex and program routines...
CVE-2026-23939 Path Traversal in Local File Store Backend
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in hexpm hexpm/hexpm 'Elixir.Hexpm.Store.Local' module allows Relative Path Traversal. This vulnerability is associated with program files lib/hexpm/store/local.ex and program routines...
CVE-2026-23939 Path Traversal in Local File Store Backend
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in hexpm hexpm/hexpm 'Elixir.Hexpm.Store.Local' module allows Relative Path Traversal. This vulnerability is associated with program files lib/hexpm/store/local.ex and program routines...
CVE-2026-23939
The CVE-2026-23939 issue affects the Local Storage backend of hexpm (Elixir.Hexpm.Store.Local) used in self-hosted deployments. The vulnerability is a path traversal flaw in local storage routines get/3, put/4, delete/2, and delete_many/2 within lib/hexpm/store/local.ex, allowing relative path tr...
PT-2026-22180
Name of the Vulnerable Software and Affected Versions hexpm versions prior to 5d2ccd2f14f45a63225a73fb5b1c937baf36fdc0 Description A path traversal issue exists in hexpm’s Local Storage backend, impacting self-hosted deployments. The issue resides within the 'Elixir.Hexpm.Store.Local' module and...
CVE-2026-25964 Tandoor Recipes Affected by Authenticated Local File Disclosure (LFD) via Recipe Import leads to Arbitrary File Read
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a Path Traversal vulnerability in the RecipeImport workflow of Tandoor Recipes allows authenticated users with import permissions to read arbitrary files on the server. This...
PT-2026-8022
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a Path Traversal vulnerability in the RecipeImport workflow of Tandoor Recipes allows authenticated users with import permissions to read arbitrary files on the server. This...